SECURITY ISSUES IN USING IOT ENABLED DEVICES AND THEIR IMPACT
Trends in Information Management
1. Running head: Annotated Bibliography: Trends in Information Security 1
Annotated Bibliography: Trends in Information Security
By Alexander Deucalion
October 2nd, 2015
Trends:
Biometric alternatives to password authentication
Network System Intergration Design
Energy Efficient Green Computing in the Cloud
NAICS Codes:
Biometric alternatives to password authentication
344118, Biometrics
Network Systems Integration Design
541512 Information Management
Energy Efficient Green Computing in the Cloud
541511 Custom Computer Programming
Biometrics
Unar, J.A., Woo Chaw Seng, and Almas Abbasi. 'A Review Of Biometric Technology
Along With Trends And Prospects'. Pattern Recognition 47.8 (2014): 2673-2688. Web.
Retrieved from:
http://www.sciencedirect.com.ezproxy.umuc.edu/science/article/pii/S003132031400034
X
The authors present a review of the state of current authentication practices and illustrate
the inadequacy of those practices to advocate for the use of biometric alternatives. They
start with a discussion of the pervasiveness of “criminal and terrorist”(Unar, Seng &
Abassi 2014) activity existing today, both in computing and non-computing scenarios
and how the conventional authentication methods are largely disadvantageous to proper
functioning of daily operations in various environments-including work environments.
The Article is organized in sections: a section to comprehensively cover basic biometric
concepts, a section for “quantitative analysis”, a section for discussing biometric
2. Annotated Bibliography: Trends in Information Management 2
modalities and their advantages and disadvantages, and lastly, a section covering the
trends and concluding remarks. (Unar, Seng & Abassi 2014) In particular, the articles
discusses six different biometric modalities: hand, face, ocular, biomedical, behavioral
and soft
Appearing in a peer reviewed publication, this article is directed toward the author’s peers
in the academic community. The material is highly relevant to the topic and unlike other
studies available, features great details about each biometric modality, a quantitative
analysis, other details not covered in other studies, and a forecasting of market trends
for biometric technology.
The comprehensiveness of the discussion of biometrics in its different forms and
applications is probably the greatest strength of the article and makes it a formidable
article for research.. It unfortunately focuses extensively on embedded systems and the
Internet of Everything and not so much on biometric applications in traditional desktop
computing systems of which there are many available biometric applications. It further
contains little bias as the authors acknowledge that biometrics is simply one solution to
the security problem but not the only one. (Unar, Seng & Abassi 2014)
Schneier, B. (1999, August). The Uses and Abuses of Biometrics. Communications of
the ACM, 42(8), 136. Retrieved from
http://ezproxy.umuc.edu/login?url=http://go.galegroup.com.ezproxy.umuc.edu/ps/i.do?i
d=GALE%7CA55397084&v=2.1&u=umd_umuc&it=r&p=CDB&sw=w&asid=49082bd74f
94d14a99ed02e9f0b771d6
3. Annotated Bibliography: Trends in Information Management 3
Biometrics has gained such a large amount of popularity and appeal due to the never
ending and ever increasing incidents of successful data attacks and infection of systems
by many varieties of Malware. And with every new occurrence of computer crime, exploit,
and attacks these incidents are probably becoming as prevalent as jaywalking and if not,
trended to become so. In the context of our desperation to protect our data, the author
writes with the purpose to awaken people and advise them not to be blindly optimistic
about biometrics. For there is a price: “Biometrics is seductive” (Schneier 1999).
The short article is organized by several points: 1) Biometrics is seductive; 2) Biometrics
requires a database to store the reference file; 3) Some biometrics is hard to forge; 4)
Some are easy to forge. The moral here is that biometrics work well only if the verifier can
verify two things: one, that the biometric came from the person at the time of verification,
and two, that the biometric matches the master biometric on file. If the system can't do
that, it can't work (Schneier 1999)
The author points out the two sides of biometrics-“the “science fiction” side and the “real”
side; and then makes the case of its limitations and vulnerabilities: “If sometime steals
your biometric, it is stolen for life. There is no way to get back to a secure a secure
situation” (Schneier 1999)
The article’s strength relies in the wisdom of its caveat but since biometrics have probably
advanced since the article was written, it may be well to reconsider the author’s position
today. The weakness is reflected in the lack of references used which may downgrade
the work to an opinion
4. Annotated Bibliography: Trends in Information Management 4
Information Management
Liu, L., Stimpson, T., Antonopoulos, N., Ding, Z., & Zhan, Y. (2013). An Investigation of
Security Trends in Personal Wireless Networks. Wireless Pers Commun, 75(3), 1669-
1687. http://dx.doi.org/10.1007/s11277-013-1386-3
http://go.galegroup.com.ezproxy.umuc.edu/ps/i.do?id=GALE|A387349460&v=2.1&u=u
md_umuc&it=r&p=CDB&sw=w&asid=47fc265e4ebd53d4c98fd09b3850f951
The work discussed here is a comprehensive study of wireless networks vulnerability and
security to mitigate those security breaches that exist not only on home networks as well
as enterprise mobile networks which are more frequently compromised due to the
continuance relying on compromised encryption schemes such as WEP which was
broken over 10 years ago. Another threat to wireless networks is the abundant
downloadable tools that pose a serious risk to mobile devices belonging to users either
at home or on the field conducting corporate tasks or telecommuting. It is the intention of
the authors that through this study, users can benefit by utilizing more up-to-date security
schemes and show more safe computing behavior. This work is directed toward users for
that reason.
This article is organized by the authors this way: In Section 2 “a literature review will be
undertaken to display the past, present and possible future threats to wireless security,
as well as network security as a whole”. In Section 3 an in-depth analysis of threats from
wireless security tools is examined. Section4 discusses design and implementation of
newer security methods. Section 5 considers the Wardriving (the act of searching for Wi-
Fi wireless networks by a person in a moving vehicle, using a portable computer,
smartphone or personal digital assistant)Research and Section 6 offers suggestions for
5. Annotated Bibliography: Trends in Information Management 5
solving security problems discovered in the research(Liu, Stimpson, Antonopoulos, Ding
& Zhan, 2013).
The relevance to the topic is high since the pervasiveness of mobile devices in all areas
of life and work are undeniably ubiquitous in the fast advancing information age. The need
for mobile security has never been more critical because mobile computing has different
security issues than conventional connected network components like LANs and WANs.
The thoroughness with which this study exposes security issues centering on mobile
users and attempts to devise ideas to improve security makes this a strong article.
All, A. (2015). 9 Enterprise Security Trends for 2015 - eSecurity Planet.
Esecurityplanet.com. Retrieved 4 October 2015, from
http://www.esecurityplanet.com/mobile-security/9-enterprise-security-trends-for-
2015.html
This articles lists some of 2015’s most pressing security problems facing enterprises
and seeks to inform not only CIOs but the public as well. There are 9 top trends to look
out for and these are voiced by some of IT’s top experts in the field of network security.
The author briefly states the 9 trends: Security as a Differentiator, More weaponized
malware, Bigger and Badder DDOSs, Rethinking Security Costs, Increasing threat
intelligence, Going on Offence, Monetizing Malware, Mobile Attack Motivations, Health
Care Information in the Cross Hairs.
The article is very brief and to the point and contains no analysis or advocacy for
helping readers with security issues. That weakness makes the article not very helpful
Custom Computer Programming
6. Annotated Bibliography: Trends in Information Management 6
Mastelic, T., & Brandic, I. (2015). Recent Trends in Energy-Efficient Cloud Computing.
IEEE Cloud Comput., 2(1), 40-47. http://dx.doi.org/10.1109/mcc.2015.15
Retrieved from:
http://www.computer.org.ezproxy.umuc.edu/csdl/mags/cd/2015/01/mcd2015010040-
abs.html
The authors of this article purport to survey the current use of energy by cloud computing
datacenters and the environmental impact of current use levels. They then discuss the
challenges and directions the industry can and should take. The amount energy use in
datacenters they claim amounts to over 1% of the worlds energy usage: in 2007 the cloud
use of electricity was 330 Kw hours and is expected to rise to 1 Trillion by 2020(Mastelic
& Brandic 2015)
The article is organized into topics each of which is a component of a datacenter in the
cloud-the network as whole, the servers, and the appliances. In the next section these
components are integrated and the energy efficiency concepts are applied to the
datacenter as a whole. The audience it would appear, are the datacenter admins and
managers.
The authors discuss in each section the State of the Art and the Future Challenges for
achieving energy efficiency in each of the components and offer ways to accomplish that
but it really fails to give any priority or urgency to the problem of overusing coal-based
energy and its environmental impact. The article does make some suggestions but
nothing close to a usable strategy or blueprint for datacenter energy use reduction.
Venkatraman, A. (2014). Greenpeace slams datacenter operators for energy
inefficiency. Computer Weekly, 6-7.
7. Annotated Bibliography: Trends in Information Management 7
Retrieved from
http://eds.a.ebscohost.com.ezproxy.umuc.edu/eds/pdfviewer/pdfviewer?sid=7d0ea70e-
7ead-4489-88b8-da6ab66ac9a6%40sessionmgr4001&vid=3&hid=4213
Like an environmental police officer, Greenpeace has become a watchdog for IT industry
and large datacenters like Google and Amazon, praising the former’s renewal energy
efforts and slamming the latter. That Greenpeace would take on the IT world is no
surprise. Prior to advent of the Information Age, they were hard at work sailing the oceans
to prevent whaling and other sorts of over-fishing. As perennial champions of the
environment they have kept up with technology trends and encourage data
conglomerates to “cool it with coal” and switch to solar, wind, other renewable energy
sources.
This article is an analysis by the Editors of Computer Weekly of the Greenpeace Clicking
Clean Report. It follows the Greenpeace report highlighting the statistics of clean energy
use by Companies like Google, Facebook, and Yahoo, while branding Amazon and
Twitter as Dirty Energy Players”( Venkatraman, 2014). It discusses how large urban
datacenter like the ones mentioned above are leading the way to 100% renewal energy
us and others like Microsoft, IBM, and Telecity are “in the middle taking some steps but
not really being transparent and leading the way”.( Venkatraman, 2014).
As a world class environmental NGO, it leads the way to help protect the environment
and since criticizing those in the IT industry for being “dirty” and encouraging them to
“come clean” this report of their activities is highly relevant to the attaining their objective
of setting clean and efficient energy use by the cloud community.
The Editors are praising Greenpeace, it seems, by reporting on their activity in a
positive light and that is the strength of this article.